Software Detail

Software Informaton Top

Database

Software Detail

Microsoft SQL Server

Number Of NVD

107

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.microsoft.com/ja-jp/sql-server/
Explanation	It is a relational database management system (RDBMS) provided by Microsoft, and like other Windows products, it can be operated in various ways from the GUI (screen). The support end date depends on the service pack provided. If a new service pack is provided, the old service pack will be supported for 12 months.
Tag	商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://support.microsoft.com/ja-jp/lifecycle/search?alpha=SQL%20Server
2			https://sqlserverbuilds.blogspot.com/
3			https://learn.microsoft.com/ja-jp/lifecycle/policies/fixed

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Initial release	Normal Support	Extended for a fee	High	Medium	Low
41	SQL Server 2022	2022	Nov. 16, 2022	Jan. 11, 2028	Jan. 11, 2033	18	1	0
42	SQL Server 2019	2019	Nov. 4, 2019	Jan. 7, 2025	Jan. 8, 2030	20	1	0
43	SQL Server 2014 Service Pack 3	2014	Oct. 30, 2018	July 9, 2019	July 9, 2024	15	3	0
44	SQL Server 2016 Service Pack 2	2016	April 24, 2018	July 13, 2021	July 14, 2026	13	3	0
45	SQL Server 2017	2017	Sept. 29, 2017	Oct. 11, 2022	Oct. 12, 2027	9	2	0
46	SQL Server 2012 Service Pack 4	2012	July 11, 2017		July 12, 2022	12	4	0
47	SQL Server 7.0	7.0		Jan. 1, 2000		16	17	3
48	SQL Server 6.5	6.5		Jan. 1, 2000		2	1	1
49	SQL Server 6.0	6.0		Jan. 1, 2000		1	0	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
41	- 9.3	HIGH	Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP…	CWE-189 Numeric Errors	CVE-2009-3126	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

42	- 9.3	HIGH	GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that tr…	CWE-94 Code Injection	CVE-2009-2528	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

43	- 9.3	HIGH	Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server…	CWE-189 Numeric Errors	CVE-2009-2504	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

44	- 9.3	HIGH	GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 20…	CWE-94 Code Injection	CVE-2009-2503	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

45	8.1 9.3	HIGH Network	Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2009-2502	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

46	- 9.3	HIGH	Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Vis…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-2501	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

47	- 9.3	HIGH	Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP…	CWE-189 Numeric Errors	CVE-2009-2500	cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:2005:sp3 cpe:2.3:a:microsoft:sql_server:20…	2026-04-23 09:35 2009-10-14	Show	GitHub Exploit DB Packet Storm

48	- 9.0	HIGH	Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 D…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-5416	cpe:2.3:a:microsoft:sql_server:2005:* cpe:2.3:a:microsoft:sql_server:2000:*	2026-04-23 09:35 2008-12-10	Show	GitHub Exploit DB Packet Storm

49	- 7.6	HIGH	Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote attackers to cause a denial of service (brow…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-4110	cpe:2.3:a:microsoft:sql_server:2000:*	2026-04-23 09:35 2008-09-17	Show	GitHub Exploit DB Packet Storm

50	- 9.3	HIGH	Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image …	CWE-189 Numeric Errors	CVE-2008-3015	cpe:2.3:a:microsoft:sql_server:2005:sp2	2026-04-23 09:35 2008-09-11	Show	GitHub Exploit DB Packet Storm